Thanks for the reply. I had a look at the other topic, however the commands discussed are IOS router commands. Both of the PIX firewalls in my case are connected directly to Wireless broadband links and therefore there are no routers or other hardware at all between the two firewalls.
I'm confused about this answer. If a host behind pix1 wants to talk to a host behind pix2 then how does it do that. If it talks to 10.0.0.x address it will just arp out locally. If it talks to the public ip address of pix2 then when it gets to pix2 how does that firewall know which 10.0.0.x address it is intended for ?
Surely what you would need to do is have a one to one mapping at each end ie. if pix1 clients need to talk to 10.0.0.5 & 10.0.0.6 at pix2 site then you need to present those addresses internally into pix site as different IP's which can then be translated back to their original addresses at the other end.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...